Oxide

  1. Bug #1260048
  2. Comment #5

Comment 5 for bug 1260048

Revision history for this message
Jamie Strandboge (jdstrand) wrote :

This will be the new policy until this bug is fixed:
  # LP: #1260048 - only allow 'r' for now, since 'w' allow for db poisoning
  owner @{HOME}/.pki/nssdb/ r,
  owner @{HOME}/.pki/nssdb/** rk,
  deny @{HOME}/.pki/nssdb/ w,
  deny @{HOME}/.pki/nssdb/** w,